在 C# 中使用私钥对数据进行签名

Signing data with private key in c#(在 C# 中使用私钥对数据进行签名)
本文介绍了在 C# 中使用私钥对数据进行签名的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我需要使用算法 SHA1RSA 用一个私钥对一些数据进行签名,Rsa 密钥长度为 2048,基本编码为 64.我的代码是这样的

I need to sign some data with one private key using Algorithm SHA1RSA ,Rsa Key length 2048 with 64 base encoding.My code is like this

string sPayload = "";
HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create("URI");
httpWebRequest.ContentType = "application/json; charset=utf-8";
httpWebRequest.Method = WebRequestMethods.Http.Post;

using (StreamWriter streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
    sPayload = "{"id":"14123213213"," +
                ""uid":"teller"," +
                ""pwd":"abc123"," +
                ""apiKey":"2343243"," +
                ""agentRefNo":"234324324"}";

    httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));
    
    streamWriter.Write(sPayload);
    streamWriter.Flush();
    streamWriter.Close();
}

System.Net.ServicePointManager.Expect100Continue = false;

HttpWebResponse httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();

using (StreamReader streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
    string result = streamReader.ReadToEnd();
}

在标头名称签名中,我需要使用私钥传递签名数据(sPayload).但是使用上面的代码会出现无效签名"错误.来自第三方,我不确定加密部分是否正确.

In the Header name Signature i need to pass the signed data(sPayload) using the private key.But using above code an error is getting as "invalid signature" from third party and i'am not sure whether the Encryption part is correct or not.

httpWebRequest.Headers.Add("SIGNATURE", Convert.ToBase64String(new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(Encoding.ASCII.GetBytes(sPayload))));

第三方提供了一个证书(cert,sha1)和密钥.我应该参考代码吗?

Third party had provide one certificate(cert,sha1) and key.should i refer that to the code?

推荐答案

您计算了 sPayload 的 SHA-1 哈希,而不是 RSA-SHA1 签名.

You have computed the SHA-1 hash of sPayload, not the RSA-SHA1 signature.

如果您有 X509Certificate2:

If you have an X509Certificate2:

using (RSA rsa = cert.GetRSAPrivateKey())
{
    return rsa.SignData(sPayload, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}

如果您已经拥有原始 RSA 密钥,那么请不要使用 using 语句.

If you already have a raw RSA key then just leave off the using statement.

如果你必须计算 sPayload 的哈希值,你可以这样做

If you have to compute the hash of sPayload for some other reason you can do it like

byte[] hash;
byte[] signature;

using (HashAlgorithm hasher = SHA1.Create())
using (RSA rsa = cert.GetRSAPrivateKey())
{
    hash = hasher.ComputeHash(sPayload);
    signature = rsa.SignHash(hash, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);
}

SignHash 仍然需要 HashAlgorithmName 值,因为算法标识符嵌入在签名中.

SignHash still requires the HashAlgorithmName value because the algorithm identifier is embedded within the signature.

这篇关于在 C# 中使用私钥对数据进行签名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

相关文档推荐

Custom Error Queue Name when using EasyNetQ for RabbitMQ?(使用 EasyNetQ for RabbitMQ 时自定义错误队列名称?)
How to generate password_hash for RabbitMQ Management HTTP API(如何为 RabbitMQ 管理 HTTP API 生成密码哈希)
Rabbitmq Ack or Nack, leaving messages on the queue(Rabbitmq Ack 或 Nack,将消息留在队列中)
Setup RabbitMQ consumer in ASP.NET Core application(在 ASP.NET Core 应用程序中设置 RabbitMQ 消费者)
Specify Publish timeouts in mass transit(指定公共交通中的发布超时)
RabbitMQ asynchronous support(RabbitMQ 异步支持)